Puppet Class: profile::aptrepo::wikimedia

Defined in:
modules/profile/manifests/aptrepo/wikimedia.pp

Overview

Parameters:

  • primary_server (Stdlib::Fqdn) (defaults to: lookup('aptrepo_server'))
  • secondary_servers (Array[Stdlib::Fqdn]) (defaults to: lookup('aptrepo_servers_failover'))
  • basedir (Stdlib::Unixpath) (defaults to: lookup('profile::aptrepo::wikimedia::basedir'))
  • homedir (Stdlib::Unixpath) (defaults to: lookup('profile::aptrepo::wikimedia::basedir'))
  • gpg_user (String) (defaults to: lookup('profile::aptrepo::wikimedia::gpg_user'))
  • gpg_pubring (String) (defaults to: lookup('profile::aptrepo::wikimedia::gpg_pubring'))
  • gpg_secring (String) (defaults to: lookup('profile::aptrepo::wikimedia::gpg_secring'))


2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
# File 'modules/profile/manifests/aptrepo/wikimedia.pp', line 2

class profile::aptrepo::wikimedia (
    Stdlib::Fqdn $primary_server = lookup('aptrepo_server'),
    Array[Stdlib::Fqdn] $secondary_servers = lookup('aptrepo_servers_failover'),
    Stdlib::Unixpath $basedir = lookup('profile::aptrepo::wikimedia::basedir'),
    Stdlib::Unixpath $homedir = lookup('profile::aptrepo::wikimedia::basedir'),
    String $gpg_user = lookup('profile::aptrepo::wikimedia::gpg_user'),
    String $gpg_pubring = lookup('profile::aptrepo::wikimedia::gpg_pubring'),
    String $gpg_secring = lookup('profile::aptrepo::wikimedia::gpg_secring'),
){

    class { '::aptrepo':
        basedir       => $basedir,
        homedir       => $homedir,
        incomingconf  => 'incoming-wikimedia',
        incominguser  => 'root',
        # Allow wikidev users to upload to /srv/wikimedia/incoming
        incominggroup => 'wikidev',
        gpg_pubring   => $gpg_pubring,
        gpg_secring   => $gpg_secring,
        gpg_user      => $gpg_user,
    }

    file { "${basedir}/conf/distributions":
        ensure       => present,
        mode         => '0444',
        owner        => 'root',
        group        => 'root',
        source       => 'puppet:///modules/aptrepo/distributions-wikimedia',
        validate_cmd => '/usr/bin/python -c "import apt_pkg; f=\'%\'; list(apt_pkg.TagFile(f))"',
    }

    include ::profile::backup::host

    # The repository data
    backup::set { 'srv-wikimedia': }

    # Home of the root user, contains keys and settings
    backup::set { 'roothome': }

    class { 'aptrepo::rsync':
        primary_server    => $primary_server,
        secondary_servers => $secondary_servers,
    }

    if $primary_server == $::fqdn {
        monitoring::service { 'https':
            description   => 'HTTPS',
            check_command => 'check_ssl_http_letsencrypt_ocsp!apt.wikimedia.org',
            notes_url     => 'https://wikitech.wikimedia.org/wiki/APT_repository',
        }
        $motd_ensure = 'absent'
    } else {
        $motd_ensure = 'present'
    }

    motd::script { 'inactive_warning':
        ensure   => $motd_ensure,
        priority => 1,
        content  => template('profile/install_server/inactive.motd.erb'),
    }
}